Do you have the means to ensure critical traffic gets through while less important--and often expensive--traffic is curtailed? Find out what packet shaping can mean to the bottom line of your organisation.

Packet shaping "is a hot topic these days," says Roland Chia, national business manager at Dimension Data Australia. Organisations are paying more attention to application performance and response times, and are realising that a lack of communication between application developers and network teams prior to implementation means the bandwidth requirement for new projects receives insufficient attention.

Beware that "packet shaping" generally refers for one of two things. In the world inhabited by carriers and suppliers, shaping simply means that the flow of packets is kept within a maximum rate, and the excess data is left in a queue or--in extreme cases--dropped. In the context of IP networking, it is implicit that shaping is preceded by packet classification and queuing, with some classes of data being given priority over others.

Some carriers offer data services that include packet shaping in the IP sense, says Anthony Buckton, solutions architect at Nortel, but "it might be smarter for customers to do the packet shaping themselves".

Carrier-style shaping can work for general IP data traffic, but shaping Voice over IP (VoIP) and other time-critical data delays the packets unless classification and queuing is done as well. Otherwise, "shaping on its own can cause more problems," he says.

One example of a carrier service that offers IP-style shaping is TPIPS (Telstra Private IP Service), which uses Nortel's Passport switches with software for classification, queuing, and shaping.

"Traffic management in the LAN will soon take serious shape" because of the emergence of VoIP and desktop videoconferencing, says David Gabo, senior consultant at NCR Worldwide Customer Services. IP telephony needs regulated bandwidth in the LAN, but "I'm sceptical about packet shapers" in this context, he says, suggesting that control needs to be embedded in the infrastructure.

Dave Côté, president and CEO of Packeteer, says the only option other than packet shaping is adding more bandwidth. Five years ago, the expectation was that bandwidth would become effectively free, but in the last couple of years the IT community has realised that isn't going to happen. "The market is heading towards us," he says. "There really isn't anybody who uses the control technology we do."

That may be true, but Packeteer does not have the market to itself. South Australia's Foursticks uses its patented "NP" technology combining queuing algorithms and Quality of Service (QoS) consistency checking in software that can be embedded in applications, devices, and operating systems.

The use of third-party hardware saves money and allows customers to leverage their existing relationships with suppliers, says the company's chief technology officer Alan Noble. This also means hardware can be selected according to customer needs, such as highly available Sun configurations or inexpensive generic Intel-based PCs. "It's more like ‘Foursticks NP inside'," he says.

Foursticks' patent-pending algorithms provide more accurate and more efficient management of interactive and real-time applications without hard reservations, Noble says, providing better application stability and more efficient use of the network. The software is independent of line speed (both in terms of capability and pricing), and can manage burstable bandwidth in frame relay networks, taking advantage of available bandwidth above the committed rate.

"The cost of implementing Foursticks NP is typically returned within six to 12 months," says Noble. "For example, Bridgestone reports an immediate saving of $100,000 in bandwidth costs." Bridgestone uses TPIPS to link approximately 80 sites around Australia, but was experiencing network congestion problems that slowed critical ERP applications including SAP.

"Network performance was very variable," says Darren Denley, Corporate Manager Information Systems, Bridgestone Australia. "People eventually decided they didn't want to use the system as it was too slow."

The implementation of Foursticks NP on five of the company's links identified unnecessary and inappropriate traffic, and "we were able to allocate bandwidth usage to the applications that are bringing most value to our business," he says.

"Setting policies to control network usage is easy using NP and we've noticed an instant improvement in the performance of SAP across the WAN," says Denley. "Response times are now consistent and predictable. The product itself addresses fundamental areas of IT management which are becoming more and more critical to ensuring that the quality of IT solutions exceed customer expectation."

Foursticks NP has also been added to Singapore-based infrastructure management solution provider Equator One's MAX network management suite. Wilfred Wong, chief executive and chief technology officer, says "Foursticks has developed a superior network performance algorithm and policy-based QoS, but importantly, it is an open system, which allows us to integrate NP software into the current and next generation performance controls in our MAX product suite."

Apart from enterprise sales and distribution and licensing arrangements, Foursticks has also embedded its technology into the Sun LX server, and into a Chinese-made router with a view to signing an OEM licensing agreement with a Hong Kong network equipment manufacturer.

Driving Forces
Mike Morford, senior technologist at Packeteer, sees three trends that are driving organisations towards packet shaping.

First, there are more and more applications--VoIP, video, Web conferencing, CRM, etc--using corporate networks, but bandwidth over the last mile is still limited to around 2Mbps. Consequently, that bandwidth must be managed.

Secondly, "the network industry is growing up in a business sense," and we need to apply classical management techniques to the network, just like any other resource. So processes should be consistent, measurable, and repeatable.

Thirdly, there is a shift in focus concerning application availability. Instead of asking whether a server or application is up, the question is becoming "is it highly usable?" A significant contributor to usability is the amount of competing network traffic.

Morford speaks of network congestion events--bursts of traffic that saturate a link. They can have various causes, including someone downloading a large service pack during the day (that can be enough to make other applications unusable for 20 minutes to an hour), or people watching streaming video from news sites during major events such as the war in Iraq. That's bad enough if only one person is doing it, but five users can fill a 1Mbps link, he says. Instant Messenger might be a legitimate application, but it allows file transfers and if someone sends or receives a 700MB movie file, that's going to affect your network. Even viruses and worms can be a problem: SQL Slammer would use all available bandwidth looking for servers to infect, he says. According to Morford, network managers say "these little insidious problems really make my network unusable." Each application needs to be given enough bandwidth to do its job, but there must also be an upper limit so it doesn't take up all the available bandwidth.

Frame relay prices are now rising in the US, he says, and so "people are recognising that for the foreseeable future it [bandwidth] will be a constrained resource." Organisations want to use new applications--videoconferencing can make a business more efficient--but the bandwidth must be found for them. To make things worse, some applications are designed for LAN use, where Gigabit Ethernet is now commonplace. WAN links are lower capacity, and "people aren't buying infinite amounts of bandwidth," he says.

"We make networks more efficient, so even in downturns there is demand for [these products]," says Morford, as it gives a fast return on investment and the benefits continue even if the WAN links are subsequently expanded.

Peter Owen, territory manager--Australia and New Zealand at Packeteer says that a difference between Australia and the North Island of New Zealand is that broadband is virtually everywhere in the latter, and E1 (2M) links are cheap. Despite (or maybe because of) this, New Zealand is a big market for Packeteer. People need to manage the traffic flowing across the links, even if it's just Citrix data, he says.

A PacketShaper can be useful when connecting small (even one- or two-person) remote offices to a central site using ADSL, as only one device is needed. "We're seeing a lot of sales in 2003 in that marketplace," he says. Morford adds that part of the reason is that even if you start with a relatively low capacity link, upgrading to the next level is generally expensive, so investing in one PacketShaper can save having to pay for fatter pipes to several offices. But if there is only one remote site, one or two people are unlikely to generate enough traffic to cause contention.

Taking advantage
Packet shaper deployment is typically a three-step process, says Morford. First, the device provides application visibility, allowing the network manager to see what's really happening on the network. Communication between different areas of responsibility within IT may suffer during rapid deployments.

Visibility is quickly followed by the second stage, which is applications control. That involves making business decisions about the policies that will be applied to different applications.

The third stage is network optimisation. Packeteer recently introduced a compression add-on for the PacketShaper that can reduce the bandwidth needed by some applications. It is important that classification is performed before compression, because an attempt to compress already-compressed data will not give any benefit but it will add latency, which is undesirable in time-critical applications such as IP telephony.

If classification and compression are done separately, "they [reduce] each other's value to the network," says Owen. Doing them together also means that flow control can be based on the amount of data before compression, he adds.

To get value from packet shaping, it is essential that business rules can be quickly and easily mapped onto device settings. To support the packet-shaping capabilities of its devices for the non-carrier market, Nortel offers methodologies to help end-users implement and manage these rules. Users can point and click to set priorities, "mapping their business-important applications into the network," says Buckton.

Organisations using Nortel products in this way include Deloitte Touche Tohmatsu, State Rail (NSW), and CeNTIE (Centre for Networking Technologies for the Information Economy).

CeNTIE recently ran a trial of a 10Gbps Ethernet link involving the use of haptics (simulated touch) to manipulate an object at a remote location. As part of the demonstration, data from AARNET was transmitted simultaneously with the virtual environment information so that the link was running at full capacity. The appropriate prioritisation of packets meant the haptics were unaffected by the other traffic, despite the 100 percent utilisation, says Buckton.

Nortel equipment is also being used in the NSW Department of Education network to classify users (eg, primary/secondary/TAFE and teacher/student). "Being able to identify the user prior to shaping is important," says Buckton. "The difference [of doing it in the network] is we can tie it back to central management." Traffic classification can be in terms of socket numbers, IP addresses, or URLs, he says. The latter takes care of hosted applications where you don't necessarily know the IP address of the server, as the provider may redeploy your application from one box to another.

Shapers vs QOS in routers

An external packet shaper offers better control and reporting, allows quick configuration changes, and makes it easier to go beyond layer four (ie, to classify traffic at the application level), he says.

Owen says there is a "difference between hype and reality" when it comes to QoS features in routers, as they do not deal with application-specific problems very well. Both network QoS and application QoS management is required, he suggests.

Another issue is that as desktop systems become more powerful, servers transmit larger packets of data across WAN links, and this can conflict with carriers' assumptions that are based on older hardware.

All Nortel products implement eight queues, says Buckton, claiming that others only have two or four queues. "This is the number of levels of priority you have in Ethernet... IP... and other technologies," he says.

If a network has been built with routers that lack QoS features, it can be more cost-effective to use an external packet shaper instead of upgrading the routers, says Chia. One customer was getting poor response from Citrix applications, he says, but when Dimension Data got involved the customer pulled out from a cupboard a PacketShaper purchased by the previous IT manager but never installed. The software was quickly upgraded to the current version, and the customer saw an instant improvement and acceptable response times.

With data that is especially time critical, such as VoIP, adding packet shaping to aging network infrastructure may not be enough, says Oliver Descoeudres, marketing manager at NetStar Australia. All the routers will need QoS features as well, he says: "you've got to get that baseline in place."

Chia agrees that most VoIP rollouts would include a router upgrade for QoS, and suggests there are times when QoS and a packet shaper would both be needed.

"It depends on the situation and actual traffic," says Bjarne Munch, senior research analyst at META Group. "We do see [packet shaping appliances] having a good space in the market right now."

When it comes to managing priorities, Descoeudres says it is much easier to change the rules in a packet shaper than in a router.

Chia points out that a network with a star topology can be managed by a single packet shaper at the network core, but more complex arrangements may require a device at each location, and that can make it harder to establish the business case, he says.

Packet shapers "seem very easy to use", says Munch, but he recommends their use on specific links rather than deploying them in a network cloud. They provide good reporting of the traffic mix--META doesn't expect routers to catch up in that regard until somewhere between the end of this year and 2005--but managing a large number of packet shaping appliances can be difficult, he says.

With wideband IP connections now delivering Ethernet to the premises, sites are likely to be equipped with a switch rather than a router, says Chia. The basic queuing in a switch "just does not cut it", he says, as it does not provide sufficiently fine control. A packet shaper may therefore be needed, and "I think that's going to become more prominent," says Chia.

This situation may also call for traffic throttling, he says, because some contracts penalise bursts of traffic. It is important that prioritisation is done before throttling, and that can't be done on a switch.

Gabo disagrees, saying that companies such as Cisco and Alcatel are developing traffic management capabilities for edge switches. The prioritisation is "embedded in a much lower cost product" than an external shaper and they do not need managing, he says.

Michael Boland, distinguished engineer at Cisco, is on Chia's side. Carriers offer four or five classes of service within a contract, he says, and their routers police your traffic within these classes so you don't mark all your traffic as top priority. You therefore need to shape your traffic according to the contract. Routers shape by aggregated traffic while packet shapers shape by application and "the world doesn't need to get down to this level of granularity," he says. Even with Ethernet to the premises, you should install a router rather than a switch to accumulate information about your traffic so you can check you are getting what you're paying for.

"The faster the pipe, the deeper the buffers," says Boland, pointing out that buffers equivalent to 2.5 times the round-trip delay should be maintained. This isn't an issue for short-haul links, but it is significant for fast inter-capital or international connections.

On the other hand, there are times when external packet shaper is not appropriate, according to Chia, such as networks that are still using legacy protocols (DECnet, IPX, etc) that are unsupported by such devices, or where there is branch-branch traffic across a frame relay network and installing a shaper at each location is uneconomical.

"Every technology has its place," says Gabo. Packet shaping is traditionally used in WANs to reduce charges and by deprioritising less important traffic on restricted links. "A lot of WAN equipment provides similar functionality," he says, but configuring a router requires specific skills and a misconfiguration can being down a network.

Foursticks NP attempts to reduce this risk by incorporating patent pending methods for verifying the correctness of policies. The result is that the product is easier to use, with quicker troubleshooting, says Noble.

Packet shapers are dedicated to the function, so today they do a better job than the embedded equivalent, "but they will always be a niche product," says Gabo. "To date, the major need for traffic management was in the WAN. In future, it will be everywhere in the network" because multimedia applications require end-to-end control. This control will be provided by devices from network vendors "and soon from Dick Smith Electronics and other shops," he says.

"Bandwidth management comes into play when there is congestion. Congestion happens anywhere in the network that there are more than two ports" and it must be dealt with where it is created, "or the damage is already done."

Munch points out that packet shapers are appropriate when sufficient bandwidth is available but various classes of traffic must be prioritised. If the links aren't adequate for the amount of traffic, compression (either as a standalone product or as an add-in to a device such as a router or packet shaper) is more appropriate. "Traffic management is only one part of the game," he says, "it's important to identify the actual need." Organisations tell META that compression can add one or two years to the useful life of an international link before more bandwidth is needed.

Similarly, if an organisation is planning to add VoIP to its current network in two or three years, it might be worth installing packet shapers as a "spot solution" while a converged network is architected. "There's probably more long-term use for compression" than packet shaping, he suggests. "You can't get quality of service unless it is embedded in each node in the network."

In addition to the compression offered by Packeteer (which is based on Lempel-Ziv encoding), Peribit Networks has also developed another form of compression known as Molecular Sequence Reduction, which is used in its SR series of products.

Cheap routers provide two or four queues, Gabo says, and expensive models eight or 16, but "you probably won't need more than eight queues in any network--in practical terms, it's just not necessary" and a router or switch that can do the classification and manage eight queues can provide QoS.

Boland agrees. He says it is enough to specify (for example) top priority for VoIP traffic, medium priority for enterprise applications, and "best effort" for e-mail. "If you can get down to that level, you can get very fine control over what goes down a pipe," he says. Munch concurs, saying "you can do very differentiated queuing" with modern routers.

Router vendors tell their customers to use QoS in the routers, says Côté, and "in some cases that's the best thing that could happen to us" because that doesn't provide enough priority levels, sufficient granularity, or the ability to limit certain traffic types.

Boland suggests organisations should compare the cost of packet shapers with the benefits they deliver over and above those provided by modern routers. "You can't put them on every junction on your network," he says, and vendors are increasingly putting intelligence into the switching fabric. There is usually plenty of bandwidth on a LAN, so the issues occur on a LAN/WAN boundary, and there's usually a router at that point.

"Administration is the biggest problem in these networks", he suggests. Application awareness means you have to keep track of application changes, and setting priorities for every application and every node is a big job, "so people don't administer to that level of granularity." That may be true in some circumstances, but our case study describes a Packeteer customer that uses between 30 and 40 classes. "It's a horses for courses thing," says Boland, "for some people it's ideal, [but] in general it's not a big deal."

How does it work?
The primary mechanism used by the PacketShaper is TCP rate control, says Packeteer systems engineer Bede Hackney. Instead of managing queues of packets, a PacketShaper manipulates the TCP sliding window size (the maximum number of bytes that can be sent without receiving an acknowledgement), effectively controlling the speed at which data is transmitted. This approach provides bi-directional control with a single device, and it also makes it possible to limit the bandwidth consumed by a device such as a remote camera even if there isn't a router at the far end of the link.

A PacketShaper can track the different sessions passing through it and intelligently delay acknowledgements to control the flows without causing packets to be retransmitted, as such retransmissions waste bandwidth. If packets are buffered and queued, they will be dropped at some stage, says Hackney, but "we're able to achieve a more efficient control."

"If we can't do anything smarter, we'll fall back onto queuing," he says, adding that PacketShapers can also mark packets according to a variety of prioritisation standards, including 802.1p, CoS, Diffserv, and MPLS.

Foursticks claims its patent-pending algorithm is more accurate than methods such as TCP rate shaping because it responds more quickly to changes in the network. It also uniquely allows the definition of the maximum latency for packets moving through the device. "This is important to delay and jitter sensitive traffic," says Alisdair Faulkner, Foursticks' director of strategy.

The Foursticks algorithm also incorporates finer granularity of policy control through its configuration verification capability that ensures that policies are valid and supportable by the underlying network, he says.

Boland points out that modern routers do more than just routing packets. Additional functions such as firewalls are being built in, so routers can understand traffic at the application layer. Packet shaping either introduces another type of box to the network, or additional software running on the servers--either way, that means more complexity.

Reporting and integration
A by-product of packet classification is the collection of detailed data about the traffic flowing across the network. Packeteer's ReportCenter software provides consolidated reporting from multiple PacketShapers or PacketSeekers. The software collects 55 variables that are useful for service level management, and it has "a very robust API", claims Morford, allowing connection to other applications. Owen says work has been done locally to integrate Packeteer data with Concord's management software for reporting purposes. "It's a strength of out product," he says. Information collected by Packeteer appliances is a valuable addition to other management tools.

Several local customers are using the API to link to their host accounting systems. "We've been very successful" as an alternative to messing around with spreadsheets," says Owen. "Most sophisticated customers are... billing at the application level."

Other vendors support the integration of their products with applications. "Foursticks has an open API which allows third-party software developers to automate many control and shaping features," says Faulkner.

Performance data collected by Packeteer appliances can also be used for "proactive alerting", says Morford. Performance degradation can be spotted at an early stage, so technical staff can be alerted before a system fails or becomes unacceptably slow. It can also locate problems that affect specific clients or servers.

Another issue is granularity of reporting. "Foursticks believes you can only control to the level of detail you can monitor and report. Only NP has the capability to measure bandwidth and application response time--round trip time--‘live' at per-second granularity." Averaging the response time of transactions over one minute rather than one second can give a misleadingly low impression of responsiveness, Faulkner says.

Service providers that use a PacketShaper or PacketSeeker to investigate their client's network do not need to leave it in place permanently, according to Descoeudres. Putting one on the network for a week or so can "identify latency issues and qualify the end-user experience", he says. When the provider is responsible for managing application performance, ongoing data collection will help identify and address the real cause. "Often the problem may be there is insufficient bandwidth for a particular site," he says. "Packeteer gives you very effective reports at the application level."

"Customers see this as useful technology, but not essential in the current environment," says Descoeudres, but he expects interest will return as soon as IT spending picks up.

Case study: ROI in Victoria

The Victorian Department of Sustainability and Environment has a converged WAN carrying data, VoIP and videoconferencing data to its 34 offices around the state.

Packeteer PacketShapers are used to deliver quality of service by prioritising corporate applications appropriately. Apart from voice and video, the network carries traffic from Oracle Financials, SAP (human relations system), Lotus Notes, and software used in fire suppression. "We've seen some pretty incredible statistics," says senior technical manager Andrew Paynter.

When the remote sites were connected via 128K links, response times for individual transactions in Oracle Financials were around 30 or 40 seconds, which meant a complete operation such as entering a purchase order or processing goods received took around three-quarters of an hour. Specialists such as research scientists or fisheries enforcement officers notionally performed this work, but "these people don't have the time to sit for 40 to 50 minutes to buy something for their business," says Paynter, Consequently, they were hiring contract workers to deal with administrative tasks.

Upgrading the WAN links to 2 or 4M as part of the converged network project improved transaction times to around 15 seconds, but the new network architecture included PacketShapers and when they were activated this figure dropped to 3 or 4 seconds. "People can now transact in four or five minutes, as opposed to around 46 minutes," says Paynter, so DSE staff can find the time to perform these tasks themselves and the cost has fallen from around $30 to $3-$4 per transaction.

There have also been flow-on effects, such as a reduction in the re-polling of servers. Fault logging at the service desks has dropped dramatically, in some cases by 80 percent.

"If you increase the size of the link, it just gets taken up by more traffic... SAP agents [for example] take up whatever's there" says Paynter.

PacketShapers provide a granularity of control that can't be achieved if you implement QoS through routers, he says. DSE operates between 30 and 40 classes of service, and it is easy to adjust priorities as necessary. During last summer's major bushfires, Paynter could immediately increase the priority of the software relating to fire suppression as well as boosting the maximum bandwidth it was allowed to consume. This could not have been done so quickly through a routing platform, he says.

When videoconferencing was originally piloted by DSE, router and carrier-based tools were used to give the traffic sufficient priority, but that wasn't sufficiently dynamic as it reserved bandwidth even when there was no videoconferencing traffic. This is at odds with the idea of a converged network.

The WAN and LAN refresh that included the PacketShapers was carried out by Dimension Data between November 2002 and January 2003, and involved "107 mini-projects all running simultaneously," says Paynter. One PacketShaper is installed at each location, with redundant units at the network core to provide load balancing and fail over. If a remote PacketShaper fails, the network falls back to router-enforced queuing to prioritise video and voice traffic until a replacement can be delivered to the site and swapped in by the local staff.

"It's proved the value of applying business policies to the way you use your network," says Paynter. For example, the CFO can request a temporary increase in the priority of financials traffic during end of year processing, or during a disaster, fire crews can receive infrared images and real-time telemetry--"that's a fairly critical application in terms of time and the safety of staff involved in the suppression effort," he says. "Everything else went on the back burner."

Perebit goes to BAT

According to Jef Graham, president and CEO of Peribit Networks, there are three kinds of people that are interested in their products: those who would rather not spend more on upgrading their broadband, those who can't get any more bandwidth, and those who want to downgrade their connection to improve the bottom line. When British American Tobacco in Australia was faced withi a new SAP rollout, it decided to go with Peribit Sequence Reducer products for the first reason. The SR-50 products that were selected have now been found to have increased existing BAT network capacity by 2.5 times, resulting in big savings (compared to purchasing larger WAN circuits)--savings that have provided BAT with an ROI of approximately four months.

Prior to installation, many of the BAT network links were already near capacity, and the deployment of SAP would have cause significant congestion and delay in the network. Using the SR-50s allowed BAT to stay within their existing 64Kbps link speed, even with the additional SAP traffic.

According to Gordon Anthony, CEO of Global Asset Systems in Australia (Peribit's distributor), "The BAT case shows how sequence reduction can be used to produce instant bandwidth to boost application performance."

The interesting thing about Peribit's sequence reduction technology is that it employs a totally new compression algorithm known as Molecular Sequence Reduction (MSR). MSR operates by finding variable-sized (not packet-sized) patterns anywhere in the data stream--these can be across multiple packets, applications, or sessions.

"Rolling out SAP is critical to our business," said Peter Deitz, Technology Manager at BAT. "International circuits are very expensive and critical to managing our widespread pan-Pacific operations. Peribit saves us over $4500 per month just on our links between Australia and New Guinea. The SR-50s are also very simple to operate--which is important because it minimises both my time involvement and travel. The decision only took us six weeks from start to finish--a very easy decision with a convincing ROI."

Executive summary

• "Packet Shaping in an IP Network implies classification and prioritisation (either through queuing or rate control), not merely capping the rate of flow.
• Packet shaping can ensure critical application traffic gets priority over less important or relatively time-insensitive flows.
• Packet shaping can be implemented by an appliance or added to the software in devices such as routers or servers.
• Packet shaping can be a useful adjunct to router-based QoS features for time-critical applications such as VoIP, delivering better results than either technology can in isolation.
• As a by-product of their primary function, packet shapers provide detailed insight into the traffic on a network.
• The more finely you want to classify traffic, the more appropriate a packet shaper becomes compared with router-based QoS.

Subscribe now to Australian Technology & Business magazine.

Copyright © 2009 CBS Interactive, a CBS Company. All Rights Reserved.
ZDNET is a registered service mark of CBS Interactive. ZDNET Logo is a service mark of CBS Interactive.